When testing the upgrade/migration in my setup, I added a BDC to the NT4 domain and then removed it to a standalone off the backbone. I promoted the BDC to a PDC and changed the domain name. With a Win2k box acting as router, I reconnected to the backbone with its own subnet.
I can ping both ways with the root AD domain. The upgrade to Win2k went fine. But when I tried to add this new domain into the AD as a child domain, this is where it failed. It finds the AD domain, I supply the logon ID/password/domain info, answer all the other prompts, and the upgrade begins. However, several minutes into the process I receive and error that 'binding to the server' the 'DC for the root domain' with the supply credentials failed.'
I have tried this with a fresh new NT domain PDC. I also tried rebuilding the AD domain from scratch with no success. I'm stumped. TechNet and other resources have failed to help me on this problem. Can you tell me where to look?
If you want to test this theory, disconnect the upgrade Win2k network off of the backbone. Build a new AD server to match what you have on the backbone. Put the new AD server in the isolated network with the upgraded Win2k machine. Now, create the trusts. I would imagine that this will work.
This was first published in August 2003